Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A782FC0C3BB11EF9C2FCABA762E951A.roa
File: 4A782FC0C3BB11EF9C2FCABA762E951A.roa (raw, json)
Hash identifier: qWpXhjBlGlgSVdMCd/aZ9t2wLmfwiT+eGwlKDUnXouI=
Subject key identifier: 73:10:D6:76:E4:8E:CD:A5:3D:80:53:7B:D6:90:FD:E4:AB:D4:39:8C
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: EEAB
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A782FC0C3BB11EF9C2FCABA762E951A.roa
Signing time: Thu 26 Dec 2024 18:57:45 +0000
ROA not before: Thu 26 Dec 2024 18:57:41 +0000
ROA not after: Sun 12 Dec 2027 18:57:41 +0000
asID: 17561
IP address blocks: 45.207.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61099 (0xeeab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Dec 26 18:57:41 2024 GMT
Not After : Dec 12 18:57:41 2027 GMT
Subject: CN=676da729-d0e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a6:e2:19:8b:d0:3a:c0:59:d5:84:0c:d2:11:
f2:b4:5f:38:fa:ef:74:3d:be:ee:36:00:c0:22:94:
c5:70:75:99:ab:d4:be:50:b5:76:c8:08:7e:9a:63:
d5:5a:99:d2:7f:20:c4:46:a5:79:56:32:1b:38:60:
a2:b5:5b:4d:b8:af:06:5b:d6:c0:50:9b:d9:d9:44:
89:40:e8:c0:02:a0:80:62:ec:0b:db:80:b8:ed:e8:
e7:72:3c:8d:98:ff:f8:4b:e0:27:b4:c7:ae:83:59:
c4:f3:64:6a:02:8f:bc:8c:13:69:e7:fe:4a:21:03:
f0:40:58:63:3a:9d:52:25:02:a5:f9:fc:1f:3b:db:
21:67:6d:69:67:69:2f:33:74:b1:cf:c7:f5:ec:4e:
d0:15:ad:81:b5:c5:f5:be:df:18:99:85:ff:01:81:
a2:86:5b:21:6a:a4:77:68:7c:e8:6f:4a:10:b9:aa:
bc:d4:b9:32:46:88:dd:e4:14:af:60:40:79:a9:bf:
a7:6f:a3:e5:68:a9:a7:92:40:8f:26:6c:78:82:5c:
35:3e:06:4c:32:d7:f0:c6:ab:ec:05:18:03:13:69:
c9:60:51:af:02:d6:07:ca:42:93:f8:81:1a:91:2c:
97:23:c4:d1:4d:6c:dd:36:2a:e7:bc:67:38:19:a3:
18:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:10:D6:76:E4:8E:CD:A5:3D:80:53:7B:D6:90:FD:E4:AB:D4:39:8C
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/4A782FC0C3BB11EF9C2FCABA762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.207.150.0/24
Signature Algorithm: sha256WithRSAEncryption
50:80:da:32:29:5f:95:3c:02:02:ef:b2:f7:d6:cd:0b:c2:b6:
ac:95:22:14:ba:1d:c6:40:9d:0b:5a:7b:67:45:3e:f4:8d:ce:
e6:fc:d4:b8:3d:bb:b4:44:4b:64:33:77:ed:6c:20:a6:dc:72:
6f:79:99:a4:2b:a2:88:42:09:05:4b:05:e7:ad:b5:16:59:ed:
64:9c:8e:47:c4:b1:7c:37:c0:fe:2e:6f:8c:86:81:d0:2e:60:
a8:5a:e4:84:f3:b1:d6:b9:e7:25:d6:ea:5d:c1:11:f5:b2:23:
33:97:e9:b0:f6:30:cb:4b:9d:f3:75:9e:c9:02:41:3c:4a:7b:
60:68:57:15:be:ee:6c:09:a5:b5:f7:f0:16:0d:50:43:d8:e6:
64:0c:e9:90:b3:cf:b7:68:9f:99:24:65:81:00:3d:c8:8e:c4:
17:dc:b0:9b:9f:06:6d:ab:ad:fc:75:fb:9a:f3:79:4a:80:01:
32:55:7b:bf:76:b6:ca:f8:32:28:13:78:ef:54:fd:af:12:5c:
de:dc:05:8b:f8:62:63:ca:aa:d9:3f:0b:8c:28:4f:31:a5:e0:
d2:64:07:f4:49:89:92:c0:3c:73:82:00:52:23:c7:e8:1b:c3:
5f:6c:5d:61:db:a0:93:af:e6:cd:61:9a:d6:92:7e:f3:16:27:
56:ce:c6:ff
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAO6rMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMjI2MTg1NzQxWhcNMjcxMjEyMTg1NzQxWjAYMRYw
FAYDVQQDEw02NzZkYTcyOS1kMGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3abiGYvQOsBZ1YQM0hHytF84+u90Pb7uNgDAIpTFcHWZq9S+ULV2yAh+
mmPVWpnSfyDERqV5VjIbOGCitVtNuK8GW9bAUJvZ2USJQOjAAqCAYuwL24C47ejn
cjyNmP/4S+AntMeug1nE82RqAo+8jBNp5/5KIQPwQFhjOp1SJQKl+fwfO9shZ21p
Z2kvM3Sxz8f17E7QFa2BtcX1vt8YmYX/AYGihlshaqR3aHzob0oQuaq81LkyRojd
5BSvYEB5qb+nb6PlaKmnkkCPJmx4glw1PgZMMtfwxqvsBRgDE2nJYFGvAtYHykKT
+IEakSyXI8TRTWzdNirnvGc4GaMYTQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFHMQ
1nbkjs2lPYBTe9aQ/eSr1DmMMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC80QTc4MkZDMEMzQkIxMUVGOUMyRkNBQkE3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALc+WMA0GCSqGSIb3DQEBCwUA
A4IBAQBQgNoyKV+VPAIC77L31s0LwraslSIUuh3GQJ0LWntnRT70jc7m/NS4Pbu0
REtkM3ftbCCm3HJveZmkK6KIQgkFSwXnrbUWWe1knI5HxLF8N8D+Lm+MhoHQLmCo
WuSE87HWuecl1updwRH1siMzl+mw9jDLS53zdZ7JAkE8SntgaFcVvu5sCaW19/AW
DVBD2OZkDOmQs8+3aJ+ZJGWBAD3IjsQX3LCbnwZtq638dfua83lKgAEyVXu/drbK
+DIoE3jvVP2vElze3AWL+GJjyqrZPwuMKE8xpeDSZAf0SYmSwDxzggBSI8foG8Nf
bF1h26CTr+bNYZrWkn7zFidWzsb/
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:45:48 2025 by rpki-client